Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-admin/denyhosts
diff options
context:
space:
mode:
authorChristoph Junghans <ottxor@gentoo.org>2014-01-06 01:53:43 +0000
committerChristoph Junghans <ottxor@gentoo.org>2014-01-06 01:53:43 +0000
commit1c666c19b2c3ab1e8421deea5858844f662c1dff (patch)
treeec47dc5108210dc4893b5d606ecd698d092ea08c /app-admin/denyhosts
parentEAPI bump (diff)
downloadhistorical-1c666c19b2c3ab1e8421deea5858844f662c1dff.tar.gz
historical-1c666c19b2c3ab1e8421deea5858844f662c1dff.tar.bz2
historical-1c666c19b2c3ab1e8421deea5858844f662c1dff.zip
fixed remote denial of ssh service (CVE-2013-6890, bug #495130), added purge command to init.d script (bug #486730) and added me as maintainer
Package-Manager: portage-2.2.7/cvs/Linux x86_64 Manifest-Sign-Key: 0xC2000586
Diffstat (limited to 'app-admin/denyhosts')
-rw-r--r--app-admin/denyhosts/ChangeLog12
-rw-r--r--app-admin/denyhosts/Manifest29
-rw-r--r--app-admin/denyhosts/denyhosts-2.6-r9.ebuild94
-rw-r--r--app-admin/denyhosts/files/denyhosts-2.6-cve-2013-6890.patch60
-rw-r--r--app-admin/denyhosts/files/denyhosts.init-r228
-rw-r--r--app-admin/denyhosts/metadata.xml4
6 files changed, 209 insertions, 18 deletions
diff --git a/app-admin/denyhosts/ChangeLog b/app-admin/denyhosts/ChangeLog
index 829eec2d714e..a53255e1dfd9 100644
--- a/app-admin/denyhosts/ChangeLog
+++ b/app-admin/denyhosts/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for app-admin/denyhosts
-# Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-admin/denyhosts/ChangeLog,v 1.68 2013/12/29 13:50:33 dastergon Exp $
+# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/denyhosts/ChangeLog,v 1.69 2014/01/06 01:53:35 ottxor Exp $
+
+*denyhosts-2.6-r9 (06 Jan 2014)
+
+ 06 Jan 2014; Christoph Junghans <ottxor@gentoo.org> +denyhosts-2.6-r9.ebuild,
+ +files/denyhosts-2.6-cve-2013-6890.patch, +files/denyhosts.init-r2,
+ metadata.xml:
+ fixed remote denial of ssh service (CVE-2013-6890, bug #495130), added purge
+ command to init.d script (bug #486730) and added me as maintainer
29 Dec 2013; Pavlos Ratis <dastergon@gentoo.org> metadata.xml:
add myself as maintainer
diff --git a/app-admin/denyhosts/Manifest b/app-admin/denyhosts/Manifest
index 6506d69f594e..75357aae5849 100644
--- a/app-admin/denyhosts/Manifest
+++ b/app-admin/denyhosts/Manifest
@@ -1,6 +1,7 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
+AUX denyhosts-2.6-cve-2013-6890.patch 3612 SHA256 cd9f0ea2883c5561ce8d530b7a59b3ae0a540b289d39b129b62743c8cc0460e9 SHA512 a5b9f33758e1a6d4ddcce9121dd2f4de81f2a0777ef7ae9cf76e00e69cfe26ca388fd346e6b2cfe4bec88d5ac6eae1a2b706ddb7718e65b7e82f59756ef251b9 WHIRLPOOL e1ca0d58f42d81e31100aee450dd840b6c0abf4a6e88d75aea91f82400b5de878662aa24fc4ab8bb353cd65b144013a086eac536d1f4b5874d117bbbaf515aab
AUX denyhosts-2.6-daemon-control.patch 440 SHA256 93421f6a072bb029bf26d8401f0edc21090956c00718d264f2e66b5c9d44e6fe SHA512 6aeb7ef2d695e4a86b3f2a889543493887746483858b2a1bcafc4aed7e0e77d7ac667a005912397df21b78d41eed27e0a1a0b931bb4d52f5dc9f764f8faad099 WHIRLPOOL 491634f42e43c48fbbcec81af2cdf4dbddd57f086ff2f0246e63e1dad87332b4a243c842007165588637054ff9e94e1add1b797a53d58c0ca9b9871ef2999e2f
AUX denyhosts-2.6-defconffile.patch 641 SHA256 0680006bac721584241e4a24a130438a494ba8a541776334708beebaa5d934ed SHA512 7867225cc37f5c1f972cbc4796f85485b6aaae9958c37e929829080f4b5d381c3326086f7019607abc9a02c10d8bebe798e1d0a4fbbb9260e8be1b9de83ce9d9 WHIRLPOOL becb5b2c199fd3d5a69b93006b0509e76c5518f2a1cff87cf76da816d4a667ce97096c9d938e9a234b320f1b8813e82423ce7abe0cb08640a746ac986c877a79
AUX denyhosts-2.6-foreground_mode.patch 5410 SHA256 fa20aa1c502add6f0fc2d8a2422091899f100f445a61516b8f070b53ec160571 SHA512 b0136640f1d2e2aef7b3a40c423344383647344e75f8ec045d61600b23399775f4c3f7b7af7758a0be29d1aa8e255a81cb2df5fba196f3a4ee4c2a274e4f9ed3 WHIRLPOOL dfc245683430910f53c15945e4f92a090565353a9b38fe7bc2a09ea2dfbd5fd87f0e549a07c2b0aae9f91b3b24e3d1a7fab5e029e8d6d60a3afb0ef666296daf
@@ -10,26 +11,22 @@ AUX denyhosts-2.6-log-injection-regex.patch 1142 SHA256 836bbec93f10e6314afc63a9
AUX denyhosts-2.6-plugin_deny.patch 1025 SHA256 786a6001f1660193bbe7dc0e8df555db3de449b592824468e4b81dffbf728d6c SHA512 2fbe162ffb22b173078f451e6030262679f4170665a16c8300e88156256ae485009d32f87fd9c9abfb9e0db9d5bbee8763d4260df2068bc5657a85484f31b417 WHIRLPOOL ddfe480a9c092a2dcc208bf33e598c7b96debaf7857c8ec9da623c7a40c0fa914fc4d8f191349a7d8a62d724a8eb687a698e6fb62c60e259886cf8d3f8b87701
AUX denyhosts-2.6-single_config_switch.patch 853 SHA256 be8025ce86c12ace5d8334c5dbac917c7b9f27f15c679d122826a2ad2e79423f SHA512 90daef95d8ff71feed9e14b590ad9178f5455f56101133534f7c024c612ada77510b9374492bd87f9a54cdcab4107579a4fdf2a77abb491dfc736dbe8c5357b5 WHIRLPOOL ee7130951df2180af955ffac7abd7062fed1d11985f59145f880d2b5f7d288d9ecc91b3d9fb4f03f4e8fd9463d16ac1d711de63d772938e58630580d9c508265
AUX denyhosts.init 576 SHA256 d8c9ab3a39b0efb1d338da8df5e8b88ee99d831c819ca69d4dc16683ec2d217d SHA512 a28283dc47c883c85d86c696dcb08e291fa7e1d41b2f239ab7d6b1ecc21cab9e1adb7d19d183772b1d8fb53165903fefde855a3c0ff2443a86d3cc98f6ca94e8 WHIRLPOOL 34952d8ead377b52df34a8c8d9b46d222fdeea033b736f1a54116fa9227cbbc56a2afb557ddf2f0a03766e80630671f0f37cdc2f1e798e08ccd74d6aaa357a93
+AUX denyhosts.init-r2 763 SHA256 17b51b08a1c070be80c0b811d5e21c4fef70e6532130a731f7580d53b43e0695 SHA512 0ce747ea2bb45d8fa626a0d9055339e92f6f1e30e1f3ed8075db7c9091037999ebaeca2179e3771b3ed58e739c06050dc282eb417c573f45fc641779b86ea2c0 WHIRLPOOL 3a59518443f92d0b2f36cafae8cb892c10441a39b68573e7e0675afe70cee566605dadb6fd19db10e1c6af8f82b0eb83864dcfd346e60ea79292a5fe119880f0
AUX denyhosts.logrotate 194 SHA256 fa67dda8e6784fcfdc7a9fb93d1d16670c1b25888e3f2d6b98e33052616d646f SHA512 a53304bd655dcce5e7d69486684457d46eeda40aa92291de2ecf8ab15ab7e23ed7b7e0a66974c60c4fc9621fdea8260eabdf267eb8f38180eeb1830cbdc883b2 WHIRLPOOL 705673121f03681d1f787bdb69d176171c575b917201d4d98bbe66754fedc13659923c7da6878bd985537f580d33119000fd5018f298acb915d70876b513e065
AUX denyhosts.service 265 SHA256 706911153d24785d577d376c772a3c4b7682dfd968d2fdc737872c27e5e574f8 SHA512 601b10e999dd2e16cec57035d025a883df77df272c6a72b4d39f2c118d983f308984aa9edd296f334e0e5062e8ca5ea21ba25ef58b606c9c7e4c09ed7b3ad4be WHIRLPOOL cb62ab529918d801567e5f3b7f6eb3d52709d54bd89747d0b1739bc01a87cbbdd066aa56ff8db3ca7e857d217f2672cc2a267d6ee78e314d821287fea3633806
DIST DenyHosts-2.6.tar.gz 42667 SHA256 5190ead13a7238e3ccf328cb3b71b16716e1c73939909a4f3fa6904ba58ddf7d SHA512 331144348d4930e2fa7a057a779bb7504dfa8ec348660e1a73fcd6a9195258408abb7c77de2bcc96724dfc42afbee918320eebfbc3b380d6ac4ff2d275e89600 WHIRLPOOL a414cd3013508876e63253ffc9c46d12179cca76249ee00cbf66c04c7b88a8578c79bea4d098149081aa83dca115947b10214f3aa8b82bdd78d764032849e27a
EBUILD denyhosts-2.6-r8.ebuild 2381 SHA256 5bc385f6460e57819d64530160ae01459ce41c5e4fdfa0afbdf99a9ac0113755 SHA512 246c816099fea1b659b53599924be0ccfc3fc0858b104508b0369fea3f9467b16c1ef6852efa1af76a368313137a90a7f4996d52bc56f7974118541ecf84af1b WHIRLPOOL 4d0dc7a18ee57971ad1211dfcf24a0c8228c3ae15245f4d3b1e405a74ead9e133ff23a6bd1d415834a4b8bf090d4230882d9b0ad42abdee7b322899a728c2e64
-MISC ChangeLog 9713 SHA256 65f0ef74ade6906c786683c9ae172cf94755c357477965f515c91250a1d0612a SHA512 f28fd8ac7821981d99bcd4b235793bd47d43b419956917a119728757f3a5ade670d2e53094983b4f03a19bc47fcfd1a0b2b85bcda731697d1a1ea016dbad4350 WHIRLPOOL ca7b86fd4dedffa896d7119d339ecb5a81ca788a5e1a09dcb9759cf7e7ce50949868583416d409087850b3dc350efd379daaa3b01fe459fb56370cc36ac07b04
-MISC metadata.xml 240 SHA256 b96f5e299fe15f0c525fb659c8c5d7f68860bdf4c867e9237c98ed946b4d5e60 SHA512 cac9bff436957bf63a48afa9f1f912f13e1c5e2ed471fe44956d0f2da09d66d197690766a76d35b5f9329a55ceebba12d88a5b988aa127790f06347e7b3fe225 WHIRLPOOL 4c0f0780cdbb2852f7afbe9ec3044868ad5c647bbe6f84dcc610de842ef11f66904a34e84b691084c0ae80df76bb7f37d56ca8c66288478a50c7fdbc90f5ac6f
+EBUILD denyhosts-2.6-r9.ebuild 2442 SHA256 bf7c4e819a57f571444632b0f4c3043639f759cb03ad2cc408dc4434eab8b427 SHA512 db048e3d7276ae2bae87e48c2f59ef1e57a4a4f68c3d279743aedc44d850daa48d06aadf124902aeb510f7fbcbdfcac2ac682754adf5276bc5f2e0346e8de490 WHIRLPOOL e51aaedc2637fd062f949f17b4aeb560df598418f2e658816d58c9ceba16a5e1a405496842e76186aaf4f76323e24db552479484bc98d2bd748074dc72510d9c
+MISC ChangeLog 10057 SHA256 f648fc16e37b7c3c1495ca41f4039381cf01711717c1bf31aca08fe0f12cc20b SHA512 f4da2dd2e05670dcba54528b6dead07467db464b89e11af53a1e72c1de9259d876f9d31639bcb010447725dca2d63734468adceac7c619c986e47d5abc792688 WHIRLPOOL d9a785dff9707fcaae8a68cb2fd78534d859ff043409ad2084067432ca0c0bfd9c60aabf74b3985e17e54da72927daee4b2935a7852240072bd023bd3266d79b
+MISC metadata.xml 344 SHA256 f981a719862f1a42b76aac13285d5ee3676d40e1147685da675d332bade9513d SHA512 70a09d270dde9ae72a39baef85c6b56ffd4f6063b6987aec3d7b31ccd4f618f1d4f1f6cc0c4dc48677ed7647e89627ea3a14ef61fa1d163daabe8efed3ea007a WHIRLPOOL 1b668923c96d3b7d3eec231315bf9453e87334e107cdc7a9c37d0a3ba43b2e9cdbef9b5d0a19176af756089c8da3e0808a390dbd4cd6aa3d537ee02eb5988a01
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.20 (GNU/Linux)
+Version: GnuPG v2.0.22 (GNU/Linux)
-iQIcBAEBCAAGBQJSwCoAAAoJEKMbvrI6BRdGZeAP/0MD/J38bwnZxA6Zm2AHSUVV
-ODyd4zFdGXfbtSOMQPW8ARkou45v293yCunObP23uT2cgtLRa4NfJG+l4yuAoslH
-TrAObWoetV+u345ryyPLlwCEZ4Osi3VKcBLlzRuePvzkqxDVUnn9z5131YpWB0ek
-M30UtJLQyld20r3xsStsQa6tYtFCsPwRom3Mc7JuNikeukl1JUmK7RrAYWONybxt
-qanq3dUI8xzTsSR8SdcQY1EkM75+9rYZeMgGK2FK6Mam08EHS6yh3mupKOF1MEZb
-CAkVn3GbePPNEOvwLkth6GI+oRALrEy3c85L/pt+go1Nm5equcdztJJMyY67oW0R
-yrjMLqVeFpCDJm1pm8CI24+xLaADMnSmehVkdZkdkgjym2uGf4m6Fd3QBRBH8J8D
-JBtQ5Op8Py32iO5eG1qYuBEXDTsp3DzChNs3AjF1qkWD1Fl6FubuDwW8StoETXOa
-yzIfv7xToJC2ynJLL/VStbGoJWo4/+N6siFAnd7Kr69AVp0i59cFvo56xnj1Pkkw
-rAwMMQIrKgmfvATmO5WPMmykx2CgxA25qvk1e9OAcI7Y5FxzyjPEHVlg2QpwGMwJ
-S/wa6zS5mexAwW/ljSviRUFLTytz6ps6Qnx9DVaqRKA0IdnnZdf5j5/3rE6erHhR
-FuvLOsA7C0ZeykBbE/Kd
-=qTCN
+iQEcBAEBCAAGBQJSygyhAAoJEOeBhlrCAAWGSPQH/jlfha0cOOS/H3PoipX2nf86
++DhT/7eiGkYR02+ku3om2mANS6tG5YIA8ewxRPQW82Z9j6LdzUIXYHF6CUwfNKfe
+1ioAUibjRnC9XIffeBY/aZtLPsZwgWoMwZjNYJityTJpQbOQfaFVzWOZ6xeLD/0+
+R7GeaON8uqRUc+Pz2ZOT8afeQrABVkEQb6xmcSJaB48POUVVsxgsZezH35ZUo9EH
+BRajZg22TagEhLodTm84nDkyRi0dSanZwOhi4EVgpVCye7hbIh3kujzUQfBflJ9c
+CorPBaSV9VpsEW8pDaOEBLnnSpYqyNfM7kEhrhNn5310aSXjKFf108INBsDw6/M=
+=EK1V
-----END PGP SIGNATURE-----
diff --git a/app-admin/denyhosts/denyhosts-2.6-r9.ebuild b/app-admin/denyhosts/denyhosts-2.6-r9.ebuild
new file mode 100644
index 000000000000..162d7c504370
--- /dev/null
+++ b/app-admin/denyhosts/denyhosts-2.6-r9.ebuild
@@ -0,0 +1,94 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/denyhosts/denyhosts-2.6-r9.ebuild,v 1.1 2014/01/06 01:53:35 ottxor Exp $
+
+EAPI=5
+PYTHON_COMPAT=( python{2_6,2_7} )
+
+inherit distutils-r1 eutils readme.gentoo systemd
+
+MY_PN="DenyHosts"
+MY_P="${MY_PN}-${PV}"
+
+DESCRIPTION="DenyHosts is a utility to help sys admins thwart ssh hackers"
+HOMEPAGE="http://www.denyhosts.net"
+SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~sparc ~x86"
+IUSE=""
+
+DEPEND=""
+RDEPEND=""
+
+PYTHON_MODNAME="${MY_PN}"
+
+S="${WORKDIR}/${MY_P}"
+
+DISABLE_AUTOFORMATTING="yes"
+DOC_CONTENTS="
+You can configure DenyHosts to run as a daemon by running:
+# rc-update add denyhosts default
+or:
+# systemctl enable denyhosts.service
+(if you use systemd)
+
+To run DenyHosts as a cronjob instead of a daemon add the following
+to /etc/crontab
+# run DenyHosts every 10 minutes
+*/10 * * * * root /usr/bin/denyhosts.py -c /etc/denyhosts.conf
+
+More information can be found at http://denyhosts.sourceforge.net/faq.html"
+
+src_prepare() {
+ # changes default file installations
+ epatch "${FILESDIR}"/${P}-gentoo.patch
+ epatch "${FILESDIR}"/${P}-log-injection-regex.patch
+
+ # Multiple patches from Fedora and Debian
+ epatch "${FILESDIR}"/${P}-daemon-control.patch
+ epatch "${FILESDIR}"/${P}-defconffile.patch
+ epatch "${FILESDIR}"/${P}-foreground_mode.patch
+ epatch "${FILESDIR}"/${P}-hostname.patch
+ epatch "${FILESDIR}"/${P}-plugin_deny.patch
+ epatch "${FILESDIR}"/${P}-single_config_switch.patch
+
+ epatch "${FILESDIR}"/${P}-cve-2013-6890.patch
+
+ sed -i -e 's:DENY_THRESHOLD_VALID = 10:DENY_THRESHOLD_VALID = 5:' \
+ denyhosts.cfg-dist || die "sed failed"
+
+ distutils-r1_src_prepare
+}
+
+src_install() {
+ readme.gentoo_create_doc
+
+ dodoc CHANGELOG.txt README.txt PKG-INFO
+ distutils-r1_src_install
+
+ insinto /etc
+ insopts -m0640
+ newins denyhosts.cfg-dist denyhosts.conf
+
+ dodir /etc/logrotate.d
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/${PN}.logrotate ${PN}
+
+ newinitd "${FILESDIR}"/denyhosts.init-r2 denyhosts
+ systemd_dounit "${FILESDIR}"/${PN}.service
+
+ # build system installs docs that we installed above
+ rm -f "${D}"/usr/share/denyhosts/*.txt
+
+ keepdir /var/lib/denyhosts
+}
+
+pkg_postinst() {
+ if [[ ! -f "${ROOT}etc/hosts.deny" ]]; then
+ touch "${ROOT}etc/hosts.deny"
+ fi
+
+ readme.gentoo_print_elog
+}
diff --git a/app-admin/denyhosts/files/denyhosts-2.6-cve-2013-6890.patch b/app-admin/denyhosts/files/denyhosts-2.6-cve-2013-6890.patch
new file mode 100644
index 000000000000..3065d5e98424
--- /dev/null
+++ b/app-admin/denyhosts/files/denyhosts-2.6-cve-2013-6890.patch
@@ -0,0 +1,60 @@
+Subject: address remote denial of service CVE-2013-6890
+From: Helmut Grohne <helmut () subdivi de>
+
+ssh -l 'Invalid user root from 123.123.123.123' 21.21.21.21
+
+results in a log lines
+
+sshd[123]: Invalid user Invalid user root from 123.123.123.123 from 21.21.21.21
+sshd[123]: input_userauth_request: invalid user Invalid user root from 123.123.123.123 [preauth]
+sshd[123]: Connection closed by 21.21.21.21 [preauth]
+
+and causes denyhosts to block both ips 21.21.21.21 and 123.123.123.123.
+
+This patch tightens the regular expressions used to avoid these and similar
+injections.
+
+Index: denyhosts-2.6/DenyHosts/regex.py
+===================================================================
+--- denyhosts-2.6.orig/DenyHosts/regex.py 2013-12-22 11:54:42.000000000 +0100
++++ denyhosts-2.6/DenyHosts/regex.py 2013-12-22 11:55:05.000000000 +0100
+@@ -6,22 +6,22 @@
+
+ #DATE_FORMAT_REGEX = re.compile(r"""(?P<month>[A-z]{3,3})\s*(?P<day>\d+)""")
+
+-SSHD_FORMAT_REGEX = re.compile(r""".* (sshd.*:|\[sshd\]) (?P<message>.*)""")
++SSHD_FORMAT_REGEX = re.compile(r""".*? (sshd.*?:|\[sshd\]) (?P<message>.*)""")
+ #SSHD_FORMAT_REGEX = re.compile(r""".* sshd.*: (?P<message>.*)""")
+
+-FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>.*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
+-FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
+-FAILED_ENTRY_REGEX3 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++FAILED_ENTRY_REGEX3 = None
+
+-FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (?P<host>.*)""")
++FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) from (::ffff:)?(?P<host>\S+)$""")
+
+-FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups$""")
++FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) from (::ffff:)?(?P<host>\S+) not allowed because none of user's groups are listed in AllowGroups$""")
+
+-FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
+-FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) not allowed because not listed in AllowUsers""")
++FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) from (::ffff:)?(?P<host>\S+) not allowed because not listed in AllowUsers$""")
+
+
+ # these are reserved for future versions
+@@ -42,7 +42,7 @@
+ FAILED_ENTRY_REGEX_MAP[i] = rx
+
+
+-SUCCESSFUL_ENTRY_REGEX = re.compile(r"""Accepted (?P<method>.*) for (?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++SUCCESSFUL_ENTRY_REGEX = re.compile(r"""Accepted (?P<method>\S+) for (?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
+ TIME_SPEC_REGEX = re.compile(r"""(?P<units>\d*)\s*(?P<period>[smhdwy])?""")
+
diff --git a/app-admin/denyhosts/files/denyhosts.init-r2 b/app-admin/denyhosts/files/denyhosts.init-r2
new file mode 100644
index 000000000000..de44d4746eeb
--- /dev/null
+++ b/app-admin/denyhosts/files/denyhosts.init-r2
@@ -0,0 +1,28 @@
+#!/sbin/runscript
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-admin/denyhosts/files/denyhosts.init-r2,v 1.1 2014/01/06 01:53:36 ottxor Exp $
+
+extra_stopped_commands="purge"
+
+purge() {
+ ebegin "Purging hosts.deny"
+ start-stop-daemon --start --exec /usr/bin/denyhosts.py --pidfile /var/run/denyhosts.pid -- --purge
+ eend $?
+}
+
+depend() {
+ use logger sshd
+}
+
+start() {
+ ebegin "Starting DenyHosts daemon"
+ start-stop-daemon --start --exec /usr/bin/denyhosts.py --pidfile /var/run/denyhosts.pid -- --daemon -c /etc/denyhosts.conf
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping DenyHosts daemon"
+ start-stop-daemon --quiet --stop --pidfile /var/run/denyhosts.pid
+ eend $?
+}
diff --git a/app-admin/denyhosts/metadata.xml b/app-admin/denyhosts/metadata.xml
index c75617d83912..b40992709551 100644
--- a/app-admin/denyhosts/metadata.xml
+++ b/app-admin/denyhosts/metadata.xml
@@ -5,4 +5,8 @@
<email>dastergon@gentoo.org</email>
<name>Pavlos Ratis</name>
</maintainer>
+ <maintainer>
+ <email>ottxor@gentoo.org</email>
+ <name>Christoph Junghans</name>
+ </maintainer>
</pkgmetadata>